URL: https://bankssg.com/
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 97 HTTP transactions. The main IP is 89.252.180.81, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is bankssg.com.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.
This is the only time bankssg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 89.252.180.81 51559 (NETINTERN...)
13 142.250.186.162 15169 (GOOGLE)
1 142.250.74.200 15169 (GOOGLE)
13 142.250.185.66 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 142.250.74.2 15169 (GOOGLE)
2 142.250.186.46 15169 (GOOGLE)
1 74.125.206.157 15169 (GOOGLE)
4 18.66.122.5 16509 (AMAZON-02)
21 142.250.184.193 15169 (GOOGLE)
4 142.250.184.194 15169 (GOOGLE)
2 3 216.58.212.164 15169 (GOOGLE)
3 142.250.186.106 15169 (GOOGLE)
3 142.250.185.99 15169 (GOOGLE)
7 93.184.220.41 15133 (EDGECAST)
3 18.66.97.46 16509 (AMAZON-02)
1 142.250.186.166 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
97 19
Domain Requested by
21 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 bankssg.com bankssg.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
bankssg.com
googleads.g.doubleclick.net
13 pagead2.googlesyndication.com bankssg.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 cdn.revjet.com srcdoc
cdn.revjet.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 revjet.lendingtree.com bankssg.com
revjet.lendingtree.com
3 pix.lendingtree.com srcdoc
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
srcdoc
3 www.google.com 2 redirects tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
1 s0.2mdn.net srcdoc
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com bankssg.com
97 18

This site contains links to these domains. Also see Links.

Domain
hikmetbaysal.com
Subject Issuer Validity Valid
bankssg.com
R3
2021-10-02 -
2021-12-31
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.lendingtree.com
Amazon
2021-09-30 -
2022-10-29
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
s1.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-10-22 -
2021-11-22
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 19 frames:

Primary Page: https://bankssg.com/
Frame ID: 02426602184DF36FE2E4AED35210339B
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 8F10AD9595300EF2AAFCA43F5289ABFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&adk=318159125&adf=2184669829&lmt=1633201393&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbankssg.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393595&bpp=2&bdt=446&idt=65&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=43709409180&frm=20&pv=2&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=79
Frame ID: 27CBFF37D210EB43D83118C7F7FE695B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Frame ID: BC0D695B4E6F2DC3573721A93F337A04
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Frame ID: CFE6A36E0954F3DC64C8CEC0B89FE595
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CRUYq8axYYa2ALbKP9u8Pta6m2A2ekNfiY_Lb1dSnDIGA9L7CARABIOzHyBxgyQagAfHB4PsCyAEJqAMBqgTfAU_QLXUM0hy21qK7gFfyWk0yceIlLgCtnALU_2lLxLiNU2WSTEiZWkOJzBR950qIhiBHXS9CRN3A79KzYK7mQW_04Bah3KOnl-SbVBVxU4Ho3KEZpnvLcOSI2oZDpFgY5-4vDLYwYEW6gS0NJ-Mz32tQKFTnOrvFrlObYVhR67xEE5YR8ltYu54rAB6s5B-Qba7Qzu7ga7LmXi8gnPud3E7I8ExmmWivSITSRP_-qqR21PERvqgrPXTkssSgH2NkhzPAf7FdXQGYVs-hYClXxZgGLD_LDQqpsnk8Yql-YPPABKrjsIusA5IFBAgEGAGSBQQIBRgEoAYRgAf3vZ-EAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwUQyrWAAdIIBwiAYRABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTMxODc2ODY3MjgyMTkyNhgA&sigh=8p2dy5lzSEA
Frame ID: 1FE2932E65E41F2C330187D53D7629D9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9A082120ECCA8EAAB91C0E62D99CDC58
Requests: 2 HTTP requests in this frame

Frame: https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: FF23B9EC3941ADC9F43EFC3DF9020936
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 513B16D41F173905E6D332DC754AAC8E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Frame ID: E615F04F719A028E21DB14AEB78E118E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: F119C6528C5319E868626EBC03D0E66A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BBC5F677A2F38433EB304776DD38E9E6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 992F4213B0AD732061D68929915CC688
Requests: 7 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.7.0.js
Frame ID: 6AF4F62E7585C6C306368ECDB15802FC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 9D7C40BBCA6A98CC0E09F595B49C30EC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: E41BB46E609DA3C44E88AD51E1AC8C44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/s3/csp/1619040477118/style.css
Frame ID: E9643448DF8DC00423F8DEC9564BEED0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3EDFD84908CCB390131621AED48AC13C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 495D14AD662EA01131ECBAE667EC139C
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Banks in Singapore, Banks at Singapore, Banks of Singapore

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

97
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

19
IPs

3
Countries

1443 kB
Transfer

2969 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 76
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
bankssg.com/
60 KB
61 KB
Document
General
Full URL
https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
41bed3fec75000d70f8229cc5c88c3ec5a3adf776bbd1c49bdb759771f069a7b

Request headers

Host
bankssg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; path=/; HttpOnly; SameSite=Lax LANGUAGE=en-US; path=/
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:01 GMT
Content-Length
61948
bootstrap.min.css
bankssg.com/Assets/css/
119 KB
119 KB
Stylesheet
General
Full URL
https://bankssg.com/Assets/css/bootstrap.min.css
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ce94bbb7e34f71e199bf6ce654fdbd50a471359ed21715fe788d0d6cf4a8e59

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"ef83479bba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:55:29 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=691200
Transfer-Encoding
chunked
Accept-Ranges
bytes
bootstrap-theme.min.css
bankssg.com/Assets/css/
23 KB
23 KB
Stylesheet
General
Full URL
https://bankssg.com/Assets/css/bootstrap-theme.min.css
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6c1bdb1220826cfd7b84730f91c6a074dc6fb5cfcf299972133c6068482c679a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"f7728e99ba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:55:26 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
23150
style.css
bankssg.com/Assets/css/
49 KB
49 KB
Stylesheet
General
Full URL
https://bankssg.com/Assets/css/style.css
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
60395c90bea2e855b9bad50f6be93ff861d01abaae98d56ffb53737813c708b5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"95f7e9eba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:55:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
50022
responsive.css
bankssg.com/Assets/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://bankssg.com/Assets/css/responsive.css
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8df9496a7605e0e1922a1148caeb546fe5c0026c97ba47b75a8531a134d23091

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"3351fd9dba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:55:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
9877
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6f8806b9d1781788020f5320294d8f1a4d07ec9f0bdfa25573fd29e3352d8469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50847
x-xss-protection
0
server
cafe
etag
11639590671512184851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 19:03:13 GMT
Logo.png
bankssg.com/CmsFiles/
3 KB
3 KB
Image
General
Full URL
https://bankssg.com/CmsFiles/Logo.png
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
31a2b824bc30d5ff7eb9c79b32155ddcd0d8cae3f3b5bd2d855467f300ab14ce

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Last-Modified
Tue, 21 Apr 2020 08:44:15 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"fc38b19b917d61:0"
Content-Type
image/png
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
2878
hikmetbaysal-kirmizilogo.png
bankssg.com/assets/images/
2 KB
3 KB
Image
General
Full URL
https://bankssg.com/assets/images/hikmetbaysal-kirmizilogo.png
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2e922a372f44531aac711b97f1668ff82476a3d973bdb41335ca398b881fc260

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Last-Modified
Tue, 21 Apr 2020 08:55:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"925b81a5ba17d61:0"
Content-Type
image/png
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
2337
jquery-1.11.3.min.js
bankssg.com/Assets/js/
94 KB
94 KB
Script
General
Full URL
https://bankssg.com/Assets/js/jquery-1.11.3.min.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"c74bdbdba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:56:26 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=691200
Transfer-Encoding
chunked
Accept-Ranges
bytes
jquery-migrate-1.2.1.min.js
bankssg.com/Assets/js/
7 KB
7 KB
Script
General
Full URL
https://bankssg.com/Assets/js/jquery-migrate-1.2.1.min.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"1d21abeba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:56:27 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
7222
jquery.lazy.min.js
bankssg.com/Assets/js/
5 KB
5 KB
Script
General
Full URL
https://bankssg.com/Assets/js/jquery.lazy.min.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"a2a225c1ba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:56:32 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
5046
jquery.lazyload.min.js
bankssg.com/Assets/js/
3 KB
4 KB
Script
General
Full URL
https://bankssg.com/Assets/js/jquery.lazyload.min.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"40173bc1ba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:56:32 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
3404
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3734534-162
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7baa73ab943fa39825df1f1e79f89e170987667b1454ed05a67c310a023c40ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38905
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 19:03:13 GMT
customscript.js
bankssg.com/Assets/js/
1 KB
2 KB
Script
General
Full URL
https://bankssg.com/Assets/js/customscript.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a2d9d72420c246e13de6d4ff805294750a8723dc5856ae4f405b4df3e77d6a72

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Content-Encoding
gzip
ETag
"1525f4baba17d61:0"
Last-Modified
Tue, 21 Apr 2020 08:56:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
1445
sprite.png
bankssg.com/Assets/images/
880 B
1 KB
Image
General
Full URL
https://bankssg.com/Assets/images/sprite.png
Requested by
Host: bankssg.com
URL: https://bankssg.com/Assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fc6425e8a5f918caa07ef67f023df8610be6304291b17a834821ca75bacdaea3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bankssg.com/Assets/css/style.css
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/Assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Last-Modified
Tue, 21 Apr 2020 08:55:48 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7a5fcaa6ba17d61:0"
Content-Type
image/png
Cache-Control
public,max-age=691200
Accept-Ranges
bytes
Content-Length
880
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/
257 KB
95 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5ce3f6ea71ea0f7eb1247e5555023217bb60373c178676b4bf86c89c24c8827c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97113
x-xss-protection
0
server
cafe
etag
1513850015010547206
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 19:03:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 8F10
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 01 Oct 2021 23:06:38 GMT
expires
Fri, 15 Oct 2021 23:06:38 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
71795
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
201 B
655 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bankssg.com&callback=_gfp_s_&client=ca-pub-1318768672821926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ffa8a4c19f54f89d990a188facc054db13807a5ad467f939cf102b31826eeb84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bankssg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 27CB
233 KB
56 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&adk=318159125&adf=2184669829&lmt=1633201393&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbankssg.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393595&bpp=2&bdt=446&idt=65&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=43709409180&frm=20&pv=2&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=79
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2abbee2d5d531a76163ffb37425857e3af75284178867b2fd90fdcd80f0b3ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1318768672821926&output=html&adk=318159125&adf=2184669829&lmt=1633201393&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbankssg.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393595&bpp=2&bdt=446&idt=65&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=43709409180&frm=20&pv=2&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=79
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 19:03:14 GMT
server
cafe
content-length
57038
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 19:18:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 19:03:14 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BC0D
67 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f43ecc90cc094c360a9de6fafb4d68035540236b7462fac8621bd84c97b793ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 19:03:14 GMT
server
cafe
content-length
25508
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 19:18:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 19:03:14 GMT
cache-control
private
truncated
/
120 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
directasia-insurance.png.ashx
bankssg.com/CmsFiles/Posts/
43 KB
43 KB
Image
General
Full URL
https://bankssg.com/CmsFiles/Posts/directasia-insurance.png.ashx?w=332&h=185
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a0e4ff0575587d3569e93abc63b7fd67ca2aa7166204e4ec46869eb0f28fb6ec

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
public
Content-Length
44023
coface-singapore.jpg.ashx
bankssg.com/CmsFiles/Posts/
9 KB
10 KB
Image
General
Full URL
https://bankssg.com/CmsFiles/Posts/coface-singapore.jpg.ashx?w=332&h=185
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
89.252.180.81 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
windmill.guzelhosting.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
66e92f082b607f31812480b756059a1b09f09866683dd123ec14aed0bd28ee8e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bankssg.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://bankssg.com/
Cookie
ASP.NET_SessionId=x1bl332kb3ep3sjq0n14k10l; LANGUAGE=en-US
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 02 Oct 2021 19:04:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
public
Content-Length
9621
ads
googleads.g.doubleclick.net/pagead/ Frame CFE6
36 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e21f31466dae88a1d398a24524c0ef6b350c7a5e293d9a10c93917393491c996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 19:03:14 GMT
server
cafe
content-length
12337
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 19:18:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 19:03:14 GMT
cache-control
private
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3734534-162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
673
date
Sat, 02 Oct 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 02 Oct 2021 20:52:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=386926794&t=pageview&_s=1&dl=https%3A%2F%2Fbankssg.com%2F&ul=en-us&de=UTF-8&dt=Banks%20in%20Singapore%2C%20Banks%20at%20Singapore%2C%20Banks%20of%20Singapore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1246155001&gjid=1525207224&cid=2083722898.1633201394&tid=UA-3734534-162&_gid=1182574728.1633201394&_r=1&gtm=2ou9r0&z=158742642
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankssg.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankssg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
407 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3734534-162&cid=2083722898.1633201394&jid=1246155001&gjid=1525207224&_gid=1182574728.1633201394&_u=YAhAAUAAAAAAAC~&z=97132587
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bankssg.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 Oct 2021 19:03:13 GMT
content-type
text/plain
access-control-allow-origin
https://bankssg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1FE2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRUYq8axYYa2ALbKP9u8Pta6m2A2ekNfiY_Lb1dSnDIGA9L7CARABIOzHyBxgyQagAfHB4PsCyAEJqAMBqgTfAU_QLXUM0hy21qK7gFfyWk0yceIlLgCtnALU_2lLxLiNU2WSTEiZWkOJzBR950qIhiBHXS9CRN3A79KzYK7mQW_04Bah3KOnl-SbVBVxU4Ho3KEZpnvLcOSI2oZDpFgY5-4vDLYwYEW6gS0NJ-Mz32tQKFTnOrvFrlObYVhR67xEE5YR8ltYu54rAB6s5B-Qba7Qzu7ga7LmXi8gnPud3E7I8ExmmWivSITSRP_-qqR21PERvqgrPXTkssSgH2NkhzPAf7FdXQGYVs-hYClXxZgGLD_LDQqpsnk8Yql-YPPABKrjsIusA5IFBAgEGAGSBQQIBRgEoAYRgAf3vZ-EAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwUQyrWAAdIIBwiAYRABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTMxODc2ODY3MjgyMTkyNhgA&sigh=8p2dy5lzSEA
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 19:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 02 Oct 2021 19:03:14 GMT
bg
revjet.lendingtree.com/ Frame 1FE2
43 KB
18 KB
Script
General
Full URL
https://revjet.lendingtree.com/bg
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8b9544a2a8798025cb6e3e437d702c7b8d4f462ebda72aed1d4bcc5fe673142f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
p3p
CP="CAO PSA OUR"
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
max-age=10800
content-type
text/html; charset=UTF-8
x-amz-cf-id
8NiiPI6sk-kmXZxDrtQYPh7RxMKqLDe9BqdZi-snnSE2OhHfDfEOiw==
expires
Sat, 02 Oct 2021 22:03:14 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 1FE2
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
1149b4e0fd05ae859746ff5efb3ba8c59a82ec0414e60db64178bee9efde7b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 17:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12762
x-xss-protection
0
server
cafe
etag
4480342589260282775
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 17:52:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 1FE2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1FE2
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 19:03:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 1FE2
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 1FE2
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=600&slotname=2190313216&adk=2681717213&adf=1754701967&pi=t.ma~as.2190313216&w=191&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=191x600&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393599&bpp=1&bdt=450&idt=109&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1079&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oPeaqMmmyT&p=https%3A//bankssg.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:00:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 19:00:59 GMT
11141037355713213363
tpc.googlesyndication.com/simgad/ Frame BC0D
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11141037355713213363?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkRbLf3s2Qhf60vT68Ix6f58cycWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
06e79d82b93d95fc7d7c5b0a230d1636ce5f964780ccf00fa18b7e9392bacbf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66566
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 14:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 02 Oct 2022 19:03:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame BC0D
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:00:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 19:00:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BC0D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC0D
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 19:03:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BC0D
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:44 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BC0D
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
server
cafe
etag
8885281346021324493
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:40:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BC0D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cbf-e8axYYar3LOWolQeL5ZHgDqy4nKhlqOmizKwO_92A940aEAEg7MfIHGDJBqAB0cie5gPIAQKoAwHIA8kEqgTrAU_Qq7aSetE5SNdOUvaLkiJwuAdNiQyJi5bSluwZsBznOBNez_dfbyusF8Sq8DCNgrdX9IPLzYz5yoJS-0Aae15Bs3iGM7u9pwhBYTQde4isP-j-GSr7kr-5lo6mpyYwx93oN5q_Mp5WBIAygCTm1DOomWyBWm3shOpxQTKYjQtYnOBII1SbH_R31tyiiIwFUaNk6QDDKtYaAMy8Ad9TnjRUR5KsaG0icN5f80dr9opOWwaz9CDDYHfoRxeL-Fif8JMBBveDa6aOGmeSXBEF3cPtHvyv9aSVANpZcAHu9hQWlbHhi0am1p1IoF_ABIrf7pLhA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeXt-EZqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBRCCjqcB0ggHCIBhEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzE4NzY4NjcyODIxOTI2GAA&sigh=wSDliQ3AZ10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 19:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9A08
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 18:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1FE2
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c38d7b75e28a49fafa6c0d1531f7d6069f1a6fcd012c2f0a29f25dee547727c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC0D
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ff017c741a575332290ce72c3f0f066479412ea0e044fb408271170cc2de987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9A08
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 19:03:14 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 02-Oct-2021 20:03:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 19:03:14 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 19:03:14 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
banner.js
revjet.lendingtree.com/~cdn/JS/03/3.4.16/modules/ Frame 1FE2
19 KB
8 KB
Script
General
Full URL
https://revjet.lendingtree.com/~cdn/JS/03/3.4.16/modules/banner.js
Requested by
Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3995d396acc12c695385d5f3575c8863f79c3caca8b6a03eef71f16ae126932

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 14:48:04 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
W/"61547ca4-4c05"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-id
hwTw5ymDbNOmTTmt8SOx_PA_kyfMP2I8BGKu7_-3q8vvzL3RdqlOJA==
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
expires
Sat, 02 Oct 2021 22:03:14 GMT
sync.html
revjet.lendingtree.com/~cdn/JS/03/ Frame FF23
2 KB
1 KB
Document
General
Full URL
https://revjet.lendingtree.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by
Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5427248e3e3b25a130f392188d7739916f97e4a594a6b5aa5dccf29a0990e75a

Request headers

:method
GET
:authority
revjet.lendingtree.com
:scheme
https
:path
/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

content-type
text/html
server
nginx
date
Sat, 02 Oct 2021 19:03:14 GMT
last-modified
Wed, 29 Sep 2021 14:48:10 GMT
etag
W/"61547caa-7ad"
expires
Sat, 02 Oct 2021 22:03:14 GMT
cache-control
max-age=10800
access-control-allow-origin
*
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
rHCfgOTfrIeIcsOpa0rO03oxgKe3Q1n19bUQVQSHVoZNDTIAqqMo2A==
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/
141 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/reactive_library_fy2019.js?bust=31062986
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
01f1762d3784e1395fe9ed138c2721e78f0cffe649bdf6bd252b0459e679d8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52205
x-xss-protection
0
server
cafe
etag
716845121156811811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 19:03:14 GMT
tag149824
revjet.lendingtree.com/ Frame 1FE2
17 KB
5 KB
Script
General
Full URL
https://revjet.lendingtree.com/tag149824?_plc_id=44911877&_key=ac1&ct_url=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DChHOI8axYYa2ALbKP9u8Pta6m2A2ekNfiY_Lb1dSnDIGA9L7CARABIOzHyBxgyQagAfHB4PsCyAEJqAMBqgTiAU_QLXUM0hy21qK7gFfyWk0yceIlLgCtnALU_2lLxLiNU2WSTEiZWkOJzBR950qIhiBHXS9CRN3A79KzYK7mQW_04Bah3KOnl-SbVBVxU4Ho3KEZpnvLcOSI2oZDpFgY5-4vDLYwYEW6gS0NJ-Mz32tQKFTnOrvFrlObYVhR67xEE5YR8ltYu54rAB6s5B-Qba7Qzu7ga7LmXi8gnPud3E7I8ExmmWivSITSRP_-qqR21PERvqgrPXTk8MaBjdiYTz4Nt7fK_EIH37q6aq1e64C0rYaIkolYoFUk23CubT5qwjDABKrjsIusA6AGEYAH972fhAGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGF-ACgGYCwHICwGADAG4DAHYEwzQFQGYFgGAFwE%2526num%253D1%2526sig%253DAOD64_1tviR-EM4oiIhhq2CZR7gd2hqbNw%2526client%253Dca-pub-1318768672821926%2526adurl%253D&li=%7BLoan_Interest_Type%7D&gdn_ad_group_id=114914242986&cachebuster=1818282376&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1318768672821926%26output%3Dhtml%26h%3D600%26slotname%3D2190313216%26adk%3D2681717213%26adf%3D1754701967%26pi%3Dt.ma~as.2190313216%26w%3D191%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1633201393%26rafmt%3D1%26psa%3D0%26format%3D191x600%26url%3Dhttps%253A%252F%252Fbankssg.com%252F%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1633201393599%26bpp%3D1%26bdt%3D450%26idt%3D109%26shv%3Dr20210928%26mjsv%3Dm202109280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C730x280%26nras%3D1%26correlator%3D43709409180%26frm%3D20%26pv%3D1%26ga_vid%3D2083722898.1633201394%26ga_sid%3D1633201394%26ga_hid%3D386926794%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_java%3D0%26u_nplug%3D3%26u_nmime%3D4%26adx%3D1079%26ady%3D104%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31062986%26oid%3D2%26pvsid%3D3421883143289576%26pem%3D597%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DoPeaqMmmyT%26p%3Dhttps%253A%2F%2Fbankssg.com%26dtd%3D111&_js_site_ref=https%3A%2F%2Fbankssg.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=dcde7b644085fb8312a2_1633201394530&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_autoscale=false&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbankssg.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.4.16&_js_tstamp=1633201394533
Requested by
Host: revjet.lendingtree.com
URL: https://revjet.lendingtree.com/bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2e0876431535137c9c8ccdbf71b3f3bfc522e263e1922305b06b4dd66641be93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-transform
x-server
ip40266
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
5VZjSXH2NGv7H66Va9sz_y06zudyT01iweGLAowyrNf0ChIi0DB-CA==
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
expires
Sat, 01 Jan 2000 12:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bankssg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/ Frame 513B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 00:14:05 GMT
expires
Sat, 16 Oct 2021 00:14:05 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
67749
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/ Frame E615
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 00:14:05 GMT
expires
Sat, 16 Oct 2021 00:14:05 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
67749
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame F119
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1318768672821926&output=html&h=280&slotname=2645485076&adk=3092119540&adf=43991435&pi=t.ma~as.2645485076&w=730&fwrn=4&fwrnh=100&lmt=1633201393&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fbankssg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633201393597&bpp=2&bdt=449&idt=83&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43709409180&frm=20&pv=1&ga_vid=2083722898.1633201394&ga_sid=1633201394&ga_hid=386926794&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=330&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=3421883143289576&pem=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VcmIGR0dpK&p=https%3A//bankssg.com&dtd=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
css2
fonts.googleapis.com/ Frame 513B
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:05:28 GMT
server
ESF
date
Sat, 02 Oct 2021 19:03:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 19:03:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 513B
205 B
295 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:46:19 GMT
x-content-type-options
nosniff
age
22615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Oct 2022 12:46:19 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 513B
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:15:21 GMT
x-content-type-options
nosniff
age
10073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Oct 2022 16:15:21 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/ Frame 513B
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7655
x-xss-protection
0
server
cafe
etag
17297134792721902632
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 19:02:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E615
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqYQk8axYYfOULNCT7_UPveuiqAqL_Oj8YresvNv2DdnZHhABIOzHyBxgyQagAci73JADyAECqAMByAPJBKoE0AFP0CkfHf_MZHGNk-DbjeGNpM8GJDma801bFp3XFkKycmD1YyxSm4PHPOTYNG7_YrtPrthyUdIoCoAsMF2iUMZ2R9AhdN8o-JRE3im6H3RAcodyONEb93RAr3mbEp3m6IRii2H_17xCJtwOWlbxAGeukNbI6ZzPO_uf9XhMxRuBlNJ8mpLone9bK4rQz6M7OIWFFkeTslxBC7uNZM95yeF22a-oVNeVFFgV68r_fHTysENzq82qA0yLz6tAiwRNX2-_d5O2DOzdbQItAV3RopJPwAS3k-KuxAOSBQQIBBgBkgUECAUYBKAGAoAHoMSjb6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQr6E_0ggHCIBhEAEYX4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0xMzE4NzY4NjcyODIxOTI2GAA&sigh=X0P2Df1dQKU
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 19:03:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame E615
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:00:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 19:00:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame E615
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:48:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E615
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 19:03:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame E615
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:44 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame E615
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
server
cafe
etag
8885281346021324493
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:40:06 GMT
14890910762882035643
tpc.googlesyndication.com/simgad/ Frame E615
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14890910762882035643?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkPbtUxLYgg_ZV3xdA8CfGJZLz9JA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
30b550086f76745852ab1d8e2051286a8e85f38d4c9eaa66bbdd4555fa180054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 17:00:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 21:23:51 GMT
server
sffe
age
7366
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39293
x-xss-protection
0
expires
Sun, 02 Oct 2022 17:00:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BBC5
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 18:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 992F
3 KB
580 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:07:28 GMT
server
ESF
date
Sat, 02 Oct 2021 19:03:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 19:03:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 992F
1 KB
879 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:59:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 992F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:00:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 19:00:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 992F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:48:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 992F
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 19:03:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 992F
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 18:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 18:57:44 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 992F
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 03:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 29 Dec 2021 03:59:53 GMT
truncated
/ Frame E615
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8b73c2c877021abc17820131ac475696827e9840ee4773872111462141c5854

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
elements-2.7.0.js
cdn.revjet.com/~cdn/JS/03/ Frame 6AF4
135 KB
40 KB
Script
General
Full URL
https://cdn.revjet.com/~cdn/JS/03/elements-2.7.0.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
0b428f63bfcf2d1f4c215d5fc6d0764216e1db6e3a27733fd1fe54f2f4755410

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
last-modified
Thu, 05 Aug 2021 11:10:06 GMT
server
ECS (frb/67D5)
age
150
etag
"610bc70e-21b25+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
content-length
40629
expires
Sat, 02 Oct 2021 19:13:14 GMT
999
pix.lendingtree.com/interaction/ Frame 6AF4
43 B
326 B
Image
General
Full URL
https://pix.lendingtree.com/interaction/999?__ads=794c0eee318fcd2f9a8b8939db7005fc&__adt=8756688331179029545&__ade=1&vid=4965869518353306564
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:14 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
43
x-amz-cf-id
fxyefTBR-szH5CavoJX7GLMj4rnc-LTFBVPkjmf54NqN7y7KIX0ARQ==
expires
Sat, 01 Jan 2000 12:00:00 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 9D7C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: bankssg.com
URL: https://bankssg.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BBC5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 19:03:14 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 02-Oct-2021 20:03:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 19:03:14 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 19:03:14 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame E41B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
index.html
cdn.revjet.com/s3/csp/1619040477118/ Frame 6AF4
5 KB
1 KB
XHR
General
Full URL
https://cdn.revjet.com/s3/csp/1619040477118/index.html
Requested by
Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.7.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
fabffbdee4ff0a0580db122116e222bb4835ca8f11589c14fcd0dd09d7925615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
age
2730
x-cache
HIT
x-amz-replication-status
COMPLETED
x-amz-request-id
VHB73AZPEFH8CZCE
x-amz-id-2
VwtIdFLSILf3w+YZamkbLyLztSMl6ToyE40nccSp5J9XZ9kvvvSLbQsrQ53fiu5ne1bQm6rQ3y4=
last-modified
Wed, 21 Apr 2021 21:28:09 GMT
server
ECS (frb/6712)
etag
"ba88fb1a094a6ac86d99a75566662d00+gzip"
vary
Accept-Encoding
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=3600
content-length
1034
content-type
text/html
expires
Sat, 02 Oct 2021 20:03:14 GMT
style.css
cdn.revjet.com/s3/csp/1619040477118/ Frame E964
6 KB
2 KB
Stylesheet
General
Full URL
https://cdn.revjet.com/s3/csp/1619040477118/style.css
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
7e31f0241adad60e1c1d50edfaee8184eaf3438b8dce2f2b7d2b8b32ec831fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
age
856
x-cache
HIT
x-amz-replication-status
COMPLETED
x-amz-request-id
4SG00SGQCKE48RP6
x-amz-id-2
ldTrsXo1vP2Cn0d1Mcz50Ii3Zrg3k64526klZA4yEmlQb9YSWh3xRNNgoZAB2IvtVaD+Lwt0CdM=
last-modified
Wed, 21 Apr 2021 21:28:09 GMT
server
ECS (frb/6794)
etag
"2fd646f3d9e79ea0fa6b3b56be361300+gzip"
vary
Accept-Encoding
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=3600
content-length
1717
content-type
text/css
expires
Sat, 02 Oct 2021 20:03:14 GMT
css
fonts.googleapis.com/ Frame E964
2 KB
416 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,600,700
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:46:47 GMT
server
ESF
date
Sat, 02 Oct 2021 19:03:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 19:03:14 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E964
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 19:03:14 GMT
code.js
cdn.revjet.com/s3/csp/1619040477118/ Frame E964
8 KB
2 KB
Script
General
Full URL
https://cdn.revjet.com/s3/csp/1619040477118/code.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
79cde0df56ec61fbe517cf530ba62a83b7c2b761836ddb549411b2be1b07a457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
age
2730
x-cache
HIT
x-amz-replication-status
COMPLETED
x-amz-request-id
VHB28HAB0KDJ1R37
x-amz-id-2
bR9YqdhxV1Vu+/Jg9K1NdWsTfBwrOaoWHaO2lwLdhFzDm9wNuP8EsaHHzEgPiFUrQoJzBUbLO+o=
last-modified
Wed, 21 Apr 2021 21:28:09 GMT
server
ECS (frb/6793)
etag
"e258fd58557bfd04c3497e2847370da6+gzip"
vary
Accept-Encoding
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=3600
content-length
1994
content-type
application/javascript
expires
Sat, 02 Oct 2021 20:03:14 GMT
logo.gif
cdn.revjet.com/s3/csp/1619040477118/ Frame E964
36 KB
36 KB
Image
General
Full URL
https://cdn.revjet.com/s3/csp/1619040477118/logo.gif
Requested by
Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1619040477118/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
2a0dd7c99c9b916c8eb443ae1a1e5553df174437e3a8ec9924ca17e9f28bb9e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.revjet.com/s3/csp/1619040477118/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
age
856
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
36910
x-amz-id-2
XNDppINm8KQqNdIU9Qmxw8pWy7iYYbOBTwRc6d7RjzFTTzhjEaeLjGsP8VtNYjiJ0Ufgx/NMy/I=
last-modified
Wed, 21 Apr 2021 21:28:09 GMT
server
ECS (frb/67F3)
etag
"52f176cb7d3ff2fe44c1fee20a6a5b43"
x-amz-request-id
4SGCA05KC6XKH3CH
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-version-id
null
accept-ranges
bytes
content-type
image/gif
expires
Sat, 02 Oct 2021 20:03:14 GMT
shine.png
cdn.revjet.com/s3/csp/1619040477118/ Frame E964
1 KB
1 KB
Image
General
Full URL
https://cdn.revjet.com/s3/csp/1619040477118/shine.png
Requested by
Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1619040477118/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.revjet.com/s3/csp/1619040477118/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
age
856
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1127
x-amz-id-2
fwm2dzz6xokS+z0DS4CDUxlbIj465zybePAJyY3F2ECaY6HYvs6v/l0HAW78ndc6QDz8EALDwMc=
last-modified
Wed, 21 Apr 2021 21:28:09 GMT
server
ECS (frb/6772)
etag
"0d595d65dcbf04768416a23c3dd4d0c5"
x-amz-request-id
4SG67D10J35BCZ47
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
expires
Sat, 02 Oct 2021 20:03:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame E964
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 06:39:46 GMT
x-content-type-options
nosniff
age
563008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 06:39:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame E964
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:13:08 GMT
x-content-type-options
nosniff
age
399006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:13:08 GMT
ltdisplay-new.xml
cdn.revjet.com/s3/csp/1611594137198/ Frame E964
4 KB
1 KB
XHR
General
Full URL
https://cdn.revjet.com/s3/csp/1611594137198/ltdisplay-new.xml
Requested by
Host: cdn.revjet.com
URL: https://cdn.revjet.com/s3/csp/1619040477118/code.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
a179dfb07f101fc3ad531fe0ec77b413ff65543a0a72e72b58cc746c474d3fc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:14 GMT
content-encoding
gzip
age
1113
x-cache
HIT
x-amz-replication-status
COMPLETED
x-amz-request-id
X9BWSMBZD0R651MW
x-amz-id-2
NVTS9HOzx1ORCy/EiVs21jTIORe5l+7mUR4UnTV+lXGb7w3t7hdDXFRVCJ9CfUj77yu5lHlFGE0=
last-modified
Fri, 17 Sep 2021 20:08:21 GMT
server
ECS (frb/6731)
etag
"45550ee56b17fbd8eb1e029f02809434+gzip"
vary
Accept-Encoding
x-amz-version-id
x6820h2pxcXSmltVUKOBED.r9pg4OC2d
access-control-allow-origin
*
cache-control
max-age=3600
content-length
1057
content-type
application/xml
expires
Sat, 02 Oct 2021 20:03:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2b6bd5597b57d9ca8c018ac2b202544d6d06725b8aaa6757db9d83cddb401551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8482
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 02 Oct 2021 19:03:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3EDF
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 02 Oct 2021 18:00:37 GMT
expires
Sun, 02 Oct 2022 18:00:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 495D
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
33a6c30722e666c260086555ff3b4c4c9f14e8482db2ed8d8bfbb9f064702f57
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ll5GHKjesw6ccbu9Og0xUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bankssg.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 02 Oct 2021 19:03:15 GMT
date
Sat, 02 Oct 2021 19:03:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ll5GHKjesw6ccbu9Og0xUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 495D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=3421883143289576&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 3EDF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BC0D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgAuFtANhI_8HX1i8wWlaNtY5miLpC6J62W_qqGI53JqAGXk0xUpp050iadU6R1jLjV47HAgVteywbPnfyqqt92hLXV40jZSpWWZS5QYFpsnu76_Q&sai=AMfl-YRxZ1kzbyh8MhDTgdzhdoiR2Sf-kDFlS-q1mJP_U-UXOpxsls602nrwvvDw55BHTZlqV0GmOss11Lx5&sig=Cg0ArKJSzCRCfMM8qL-UEAE&id=lidar2&mcvt=1013&p=0,0,188,730&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3092119540&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633201393687&rpt=838
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=3421883143289576&bg=!k5ClkNTNAAZE-GIIRPg7ACkAdvg8WqrUIzLaJn0BtcQ3_SBdwK-ltpkBxyblPyQK73ktCiDsMvux3AIAAAEFUgAAADNoAQcKAKmFHKJ2HJZfL0xUYWIjuSVbOUCTYeycyIZURju75lDQknVsY4QfCsNfysIWIgac_hPchvpP_Oak3SciL7PKWSLi9IBfxbgdGF2jHBayJkHpRFjMd9sH5bEJ2pALwvY0pArNbM8jBJXVDjjVNSDX9FPeq43Ya5elKxqSQ3dl00u-gq7a8Z0JP4505FZGY8Y3cKRPE9cYuDTIRE-oU46A1EI_PDlI05RUm322mQKmmQU9F_-K098UjKas2EKBFEo_X7hEvaL6dAqXmbYOVLFUwpOSKWQb83aZ-ffSomuBgpbEkNTeVI-dFZGL_vHAdy0m_ITAzBctK4R0AM1N5XwAhm1sywcd9zG-OhbgPzVWgim58umP6Ly7FpQCEbQuUgSEpv3EM5A924WMgmdMwDxnexJtw4IQ7c0KXJ4W5pWJcnRSrb0JyK9IJkLDt8aFE1scVg2C7EeS5-OOBwnU9PdM0lxgSpNQknRhhrSqcRIKBQVPTA1mqVdBFK5SkSiE7orKBx-YQNiLLvxt-7Eo96A4i_4BVi2DBRtVkPkjA2uaixgn1n6omyK18zOxJBdI6ikCySwBnLa5liDwYeX-qhME7wNB2hl1i4Pqxx45jglusxrxxs7u36q7qJ1zqCRObyVnpXiMRQlYCat8GNCZgeXs7Pee9KSgN009A0FVutK0SXdiZTdZikG6N0DcBpFbuWnomPhwvqd8z-ghVo4W_otwReYMcsHprh02nMuCbn9EcFjNNByi4OGR_CCd2FwfpIioBoUuo0ellzVpEAGeTFbTpL4hG1b1NS3aiQ3AoLQMvB_WwqTZrZU2JLVIOxOwSS8u3HM9rmLLfZtFR-JQV5cjMZCdzTMSTc5J6mDTnzREMPJTX_LF1FVCALGbhltDg8Sjb5H1wgBoORnHp5Qciyk-yJGzqjDc9m65HYtqP0PpjpZVQOzAYXShEjaPD5rloBuuaO59jFZGR9uWZPGk__-beWDQJlXHtu5R6l6ccCIGZZ5PD16RPZhG41yjeHbvSF1p-wAeM6FT_tlTC9S6Cvzs6tVfrNLzkigyRZAdiLa5O0czBkEt7B9_i9K8mk29VD-Vz0IiqNes9gXO2mn4ZOW58DG-DGu6AtiNWLu7b9MhvT_1BjzM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankssg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

1004
pix.lendingtree.com/interaction/ Frame 6AF4
43 B
326 B
Image
General
Full URL
https://pix.lendingtree.com/interaction/1004?__ads=794c0eee318fcd2f9a8b8939db7005fc&__adt=8756688331179029545&__ade=1&vid=4965869518353306564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:16 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
43
x-amz-cf-id
CBBax-dRpavAvSB2KfbnDzktghgQlSNKiOnJvqEpkOqWajFhFuDBVw==
expires
Sat, 01 Jan 2000 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1FE2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu49WVy2Pmz7af-eIBCyduMi5hGAd4QZZ5ljIsgg36nFcR7oWg7C1tFt2aUvSo9Pr8va78G1UPU9eIyhPx8dBFeDmbcA6IDSQnxW8H5MS_PENSWaZk&sai=AMfl-YTq29CvVbo000M8IQhf8xN_ugXBNEof7JwSUiFDabdkfE0PGg0EXPLS2EZWAb60V6SHrenbJ0pdyAZH&sig=Cg0ArKJSzNGA898n0juqEAE&id=lidar2&mcvt=1021&p=0,0,604,160&mtos=0,1021,1021,1021,1021&tos=0,1021,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2681717213&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633201394293&rpt=598
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E615
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkrTdjXZg11nAOhluEzbjnaohmLHQbr9eW0hbdx3WNeq7Ho0-vebOLZ2i_iANvjc3LiGkmFdjSLZyMBhFrXNrIS60-nLNcVriGcpA1a19FXxPqOLY&sai=AMfl-YQ9Plfh99JnVlx-jZcEVYvCkFJhsk3_p6M-VMs0cy0O5_2vj4BFWEYohQOgDx9eSG3qO6v4omuTFV7v&sig=Cg0ArKJSzI_5h9QmOS1_EAE&id=lidar2&mcvt=1031&p=0,0,124,1005&mtos=118,801,1031,1139,1315&tos=118,683,230,108,176&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=318159121&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633201394555&rpt=131
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
900
pix.lendingtree.com/interaction/ Frame 6AF4
43 B
327 B
Image
General
Full URL
https://pix.lendingtree.com/interaction/900?__ads=794c0eee318fcd2f9a8b8939db7005fc&vid=4965869518353306564&__adt=8756688331179029545&__ade=1&latent=0&vis_type=8&__stamp=1633201396010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 19:03:16 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
43
x-amz-cf-id
0OU44KDHGwXg_fTzzxE5pvZQwBKOMICqjtibt3y32zYXDj3CN8MXuw==
expires
Sat, 01 Jan 2000 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| jQuery11130021960475351044284 function| gtag object| dataLayer object| menu number| menuHeight object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
bankssg.com/ Name: ASP.NET_SessionId
Value: x1bl332kb3ep3sjq0n14k10l
bankssg.com/ Name: LANGUAGE
Value: en-US
.bankssg.com/ Name: __gads
Value: ID=4d1d3f6a042adef3-22a77252e4ca0002:T=1633201393:RT=1633201393:S=ALNI_MYgNdKn4N3Ks2fRyv4N5MCfPmheSg
.bankssg.com/ Name: _ga
Value: GA1.2.2083722898.1633201394
.bankssg.com/ Name: _gid
Value: GA1.2.1182574728.1633201394
.bankssg.com/ Name: _gat_gtag_UA_3734534_162
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnpNOHrWEBAbUqJI4-KI49DSJ4oYBJr2O1z-fP0UNZJbN25PLUDDaQFvKCcjJ0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.lendingtree.com/ Name: trx
Value: 4965869518353306564
.lendingtree.com/ Name: ads
Value: 794c0eee318fcd2f9a8b8939db7005fc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
bankssg.com
cdn.revjet.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.lendingtree.com
revjet.lendingtree.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.193
142.250.184.194
142.250.185.195
142.250.185.66
142.250.185.99
142.250.186.106
142.250.186.162
142.250.186.166
142.250.186.46
142.250.186.98
142.250.74.2
142.250.74.200
18.66.122.5
18.66.97.46
216.58.212.164
74.125.206.157
89.252.180.81
93.184.220.41
01f1762d3784e1395fe9ed138c2721e78f0cffe649bdf6bd252b0459e679d8f7
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
06e79d82b93d95fc7d7c5b0a230d1636ce5f964780ccf00fa18b7e9392bacbf4
0b428f63bfcf2d1f4c215d5fc6d0764216e1db6e3a27733fd1fe54f2f4755410
0ff017c741a575332290ce72c3f0f066479412ea0e044fb408271170cc2de987
1149b4e0fd05ae859746ff5efb3ba8c59a82ec0414e60db64178bee9efde7b52
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2a0dd7c99c9b916c8eb443ae1a1e5553df174437e3a8ec9924ca17e9f28bb9e4
2abbee2d5d531a76163ffb37425857e3af75284178867b2fd90fdcd80f0b3ea8
2b6bd5597b57d9ca8c018ac2b202544d6d06725b8aaa6757db9d83cddb401551
2ce94bbb7e34f71e199bf6ce654fdbd50a471359ed21715fe788d0d6cf4a8e59
2e0876431535137c9c8ccdbf71b3f3bfc522e263e1922305b06b4dd66641be93
2e922a372f44531aac711b97f1668ff82476a3d973bdb41335ca398b881fc260
30b550086f76745852ab1d8e2051286a8e85f38d4c9eaa66bbdd4555fa180054
31a2b824bc30d5ff7eb9c79b32155ddcd0d8cae3f3b5bd2d855467f300ab14ce
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33a6c30722e666c260086555ff3b4c4c9f14e8482db2ed8d8bfbb9f064702f57
3442ea704af026f68a75abf7aced41c1f782736789bc5ac2f0c86a8a422b9d46
41bed3fec75000d70f8229cc5c88c3ec5a3adf776bbd1c49bdb759771f069a7b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5427248e3e3b25a130f392188d7739916f97e4a594a6b5aa5dccf29a0990e75a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce3f6ea71ea0f7eb1247e5555023217bb60373c178676b4bf86c89c24c8827c
60395c90bea2e855b9bad50f6be93ff861d01abaae98d56ffb53737813c708b5
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
66e92f082b607f31812480b756059a1b09f09866683dd123ec14aed0bd28ee8e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1bdb1220826cfd7b84730f91c6a074dc6fb5cfcf299972133c6068482c679a
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
6f8806b9d1781788020f5320294d8f1a4d07ec9f0bdfa25573fd29e3352d8469
79cde0df56ec61fbe517cf530ba62a83b7c2b761836ddb549411b2be1b07a457
7baa73ab943fa39825df1f1e79f89e170987667b1454ed05a67c310a023c40ed
7e31f0241adad60e1c1d50edfaee8184eaf3438b8dce2f2b7d2b8b32ec831fd1
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8b9544a2a8798025cb6e3e437d702c7b8d4f462ebda72aed1d4bcc5fe673142f
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8df9496a7605e0e1922a1148caeb546fe5c0026c97ba47b75a8531a134d23091
a0e4ff0575587d3569e93abc63b7fd67ca2aa7166204e4ec46869eb0f28fb6ec
a179dfb07f101fc3ad531fe0ec77b413ff65543a0a72e72b58cc746c474d3fc2
a2d9d72420c246e13de6d4ff805294750a8723dc5856ae4f405b4df3e77d6a72
a3995d396acc12c695385d5f3575c8863f79c3caca8b6a03eef71f16ae126932
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c38d7b75e28a49fafa6c0d1531f7d6069f1a6fcd012c2f0a29f25dee547727c4
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c8b73c2c877021abc17820131ac475696827e9840ee4773872111462141c5854
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e21f31466dae88a1d398a24524c0ef6b350c7a5e293d9a10c93917393491c996
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600
f43ecc90cc094c360a9de6fafb4d68035540236b7462fac8621bd84c97b793ce
fabffbdee4ff0a0580db122116e222bb4835ca8f11589c14fcd0dd09d7925615
fc6425e8a5f918caa07ef67f023df8610be6304291b17a834821ca75bacdaea3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffa8a4c19f54f89d990a188facc054db13807a5ad467f939cf102b31826eeb84